package com.example.demo.config;

import com.example.demo.utils.JwtUtil;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.transaction.SystemException;

@Component
public class WebHandlerIntercept implements HandlerInterceptor {

    private Logger logger = LoggerFactory.getLogger(WebHandlerIntercept.class);

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {

        String url = request.getRequestURI();
        // 如果包含login，则直接去验证用户名密码，不需要去验证token，可以利用这里设置白名单
        if (url.contains("/login")) {
            return true;
        }

//        String token = request.getHeader("Authorization");
//        //是否传了token
//        if (StringUtils.isEmpty(token)) {
//            throw new SystemException("请先登录！");
//        }
//        //判断是否过期
//        String userName = JwtUtil.parseJWT(token).get("userName",String.class);
        return true;
//        Integer userId = JwtUtil.getUserId(token);
//        if (!JwtUtil.verify(token, userId)) {
//            throw new SystemException("身份验证异常，请重新登陆！");
//        }
//        //判断是否是超级管理员
//        TokenData tokenData = JwtUtil.getData(token, TokenData.class);
//        if (tokenData.getIsSuper()==1){
//            return true;
//        }

        /*//放行退出操作
        if (request.getServletPath().equals("/logout/do")){
            return true;
        }*/
        //判断操作权限
        /*List<Auth> authList = tokenData.getAuthList();
        for (Auth auth : authList) {
            System.out.println(auth.getAuthUrl());
            if (auth.getAuthUrl().equals(request.getServletPath())) {
                return true;
            }
        }*/
//        throw new SystemException( "对不起，你没有该权限！");
    }
}
